Unit 05 – Security

Assignment Brief (RQF)

Higher National Diploma in Computing

Course Tittle Pearson BTEC Level 5 Higher National Diploma in Computing

Unit Number and Title: Unit5 - Security

IT Security organizational structure
Assignment Title

Name of the Learner

Ref. No. of the Learner Pearson Regd. No.

Assignment Number 01 Batch No & Semester

Issue Date Submission Date

Re-submission Date Date Received 1st

submission
Unit Assessor: Academic Year 2023/2024

Assessor Summative Feedback

Grade: Assessor Signature: Date:

Resubmission Feedback - Formative

Grade: Assessor Signature: Date

Internal Verifier’s Comments

Signature of the IV Date

Student Agreement:
Student Signature
I understand the feedback given to me and agree to carry out the
actions in future works as required and indicated. Date

Please note that grade decisions are provisional. They are only confirmed once internal and
external moderation has taken place and grades decisions have been agreed at the assessment
board.
Page 1 of 13
Unit 05 – Security

STUDENT ASSESSMENT SUBMISSION AND DECLARATION

Student name: Assessor name:

Issue date: Submission date: Submitted on:

Programme:

Unit:

Assignment number and title:

Plagiarism
Plagiarism is a particular form of cheating. Plagiarism must be avoided at all costs and students who break the

rules, however innocently, may be penalised. It is your responsibility to ensure that you understand correct

referencing practices. As a university level student, you are expected to use appropriate references throughout

and keep carefully detailed notes of all your sources of materials for material you have used in your work,

including any material downloaded from the Internet. Please consult the relevant unit lecturer or your course

tutor if you need any further advice.

Student Declaration

Student declaration

I certify that the assignment submission is entirely my own work and I fully understand the consequences of

plagiarism. I understand that making a false declaration is a form of malpractice.

Student signature: Date:

Page 2 of 13
Unit 05 – Security

SUBMISSION FORMAT

Assignment Part Task Submission Format

Task 1 - Part 1.1 / Part 1.2 /

LO 1 Report
Part 1.3 / Part 1.4

Task 2 – Part 2.1 / Part 2.2 /

LO 2 Report
Part 2.3 / Part 2.4

Task 3 - Part 3.1 / Part 3.2 /

LO 3 Report
Part 3.3 / Part 3.4

Task 4 - Part 4.1 / Part 4.2 /

LO 4 Report
Part 4.3 / Part 4.4

Page 3 of 13
Unit 05 – Security

ASSESSMENT TRACKING & REVIEW PLAN

Grading Review
Assignment Evidence Formative Comments
Criteria Date
P1 Report

LO1 Assess risks to P2 Report

IT security
M1 Report

D1 Report

Report
P3
LO2 Describe IT
security solutions Report
P4

M2 Report

P5 Report
LO3 Review
mechanisms to P6 Report
control
organizational IT M3 Report
security
M4 Report

D2 Report

P7 Report

LO4 Manage P8 Report

organizational
security M5 Report

D3 Report

Page 4 of 13
Unit 05 – Security

SUMMATIVE FEEDBACK
Course Title Pearson BTEC Level 5 Higher National Diploma in Computing

Unit No & Title Unit 5 - Security

Assessor

Ref. No. of the Learner

Name of the Learner

Grading
Summative Feedback
Criteria

LO1 Assess risks to IT security

Discuss types of security risks to organizations
P1
Comments:

Assess organizational security procedures.

P2
Comments:

Analyze the benefits of implementing network monitoring systems with supporting

reasons.
M1
Comments:

Analyze the benefits of implementing network monitoring systems with supporting

reasons.
D1
Comments:

LO2 Describe IT security solutions

Discuss the potential impact to IT security of incorrect configuration of firewall policies

and third-party VPNs.
P3
Comments:

Discuss, using an example for each, how implementing a DMZ, static IP and NAT in a
network can improve network security.

P4
Comments:

Propose a method to assess and treat IT security risks.

M3 Comments:

Page 5 of 13
Unit 05 – Security

LO3 Review mechanisms to control organizational IT security

Review risk assessment procedures in an organization.

P5
Comments:

Explain data protection processes and regulations as applicable to an organization.

P6
Comments:

Summarise an appropriate risk-management approach or ISO standard and its

application in IT security.
M3
Comments:

Analyze possible impacts to organizational security resulting from an IT security audit.

M4
Comments:

Recommend how IT security can be aligned with an organizational policy, detailing the
security impact of any misalignment.
D2
Comments:

LO4 Manage organizational security

Design a suitable security policy for an organization, including the main components of an
organizational disaster recovery plan.
P7
Comments:

Discuss the roles of stakeholders in the organization in implementing security audits.

P8
Comments:

Justify the security plan developed giving reasons for the elements selected.
M5
Comments:

Evaluate the suitability of the tools used in the organizational policy to meet business
needs.
D3
Comments:

Page 6 of 13
Unit 05 – Security

Pearson
Higher Nationals in
COMPUTING

Unit 5: Security

Assignment Brief Number: 1

Page 7 of 13
Unit 05 – Security

Higher National
Certificate/Diploma in
HND in Computing
ASSIGNMENT BRIEF
Student Name/ID
Number
Unit Number and Title
Academic Year 2023 - 2024
Unit Tutor
Assignment Title IT Security organizational structure
Issue Date
Submission Date
IV Name & Date

Submission Format

Task 1 – The submission is in the form of a group development plan. This should be
written in a concise, formal business style using single spacing and font size 12. You
are required to make use of headings, paragraphs and subsections as appropriate.
The recommended word limit is 2000–2500 words, although you will not be
penalized for exceeding the total word limit (Tables, figures and supporting evidence
can be used).
Task 2 – The submission is in the form of a group development plan. This should be
written in a concise, formal business style using single spacing and font size 12. You
are required to make use of headings, paragraphs and subsections as appropriate.
The recommended word limit is 2000–2500 words, although you will not be
penalized for exceeding the total word limit (Tables, figures and supporting evidence
can be used).
Task 3 – The submission is in the form of a group development plan. This should be
written in a concise, formal business style using single spacing and font size 12. You
are required to make use of headings, paragraphs and subsections as appropriate.
The recommended word limit is 2000–2500 words, although you will not be
penalized for exceeding the total word limit (Tables, figures and supporting evidence
can be used).
Task 4 – The submission is in the form of a group development plan. This should be
written in a concise, formal business style using single spacing and font size 12. You
are required to make use of headings, paragraphs and subsections as appropriate.
The recommended word limit is 2000–2500 words, although you will not be
penalized for exceeding the total word limit (Tables, figures and supporting evidence
can be used).

Page 8 of 13
Unit 05 – Security

General Guidelines
1. A cover page or title page should be attached to your assignment. Use page 1 of this

assignment brief as your cover page and make sure all details are accurately filled.

2. The entire assignment brief should be attached as the first section of your assignment.

3. The assignment should be prepared using a word processing software.

4. The assignment should be word processing in an A4 sized paper.

5. Allow 1” margin on top, bottom and right sides of the paper and 1.25” on the left side (for

binding).

Word Processing Rules

1. The font size should be 12 point, and should be in the style of Time New Roman.

2. Set line spacing to 1.5. Justify all paragraphs.

3. Ensure that all headings are consistent in terms of size and font style.

4. Use footer function on the word processor to insert your name, unit, assignment no, and

page number on each page. This is useful if individual sheets get detached from the

submission.

Use the spell check and grammar check function of the word processing application to review the use
of language on your assignment.

Important points
1. It is strictly prohibited to use textboxes to add texts in the assignments, except for the
compulsory information.
e.g.: Figures, tables of comparison etc. Adding text boxes in the body except for the before
mentioned compulsory information will result in rejection of your work.
2. Carefully check the hand in date and the instructions given in the assignment. Late
submissions will not be accepted.
3. Ensure that you give yourself enough time to complete the assignment by the due date.
4. Excuses of any nature will not be accepted for failure to hand in the work on time.
5. You must take responsibility for managing your own time effectively.
6. If you are unable to hand in your assignment on time and have valid reasons such as illness,
you may apply (in writing) for an extension.
7. Failure to achieve at least PASS criteria will result in a REFERRAL grade.
8. Non-submission of work without valid reasons will lead to an automatic RE FERRAL. You will
then be asked to complete an alternative assignment.
9. If you use other people’s work or ideas in your assignment, reference them properly using
HARVARD referencing system to avoid plagiarism. You have to provide both in-text citation
and a reference list.
10. If you are proven to be guilty of plagiarism or any academic misconduct, your grade could be
reduced to A REFERRAL or at worst you could be expelled from the course.
Page 9 of 13
Unit 05 – Security

ASSIGNMENT SCENARIO
MadZoo Digital is a start-up company which was established in 2020. They operate on varieties of software
developments & network solutions. The company’s vision is to transform ideas into experiences and help
brands reach aspirational & affluent audiences through data, creative & technology. The company is
expanding their business since rate of requirements are high. They have planned to establish new
departments for the company such as Research & Development, Project management office, Information
Security, Customer Service & etc.

TASK GUIDANCE
You are recruited as an IT security specialist after you finished your trainings in the company. Security
vulnerability detection & test, network protection, information technology threats, managing IT security,
Create, implement and maintain security policies for the compony are going to be the main focus on the
role. Getting ISO Certification/ISO risk management for the company is also going to be listed. One your
first month you are tasked to assess IT security risks, procedures, potential threats, data security, Network
Security Infrastructure, Network Performances, Disaster Recovery, IT Security Risk Assessment and
produce a well-defined problem-solution type of report for the company. Identified problems and risks has
to be solved and need solutions for IT security improvement.

Page 10 of 13
Unit 05 – Security

TASK 1
1. Following the report Explain the term Security in brief considering the real-world examples as
guided in the scenario, on how the security approach is being taken care in the organization
detailing the specialized area in IT Security, and Identify types of security risks to the organization.

2. Explain the understanding of the CIA triangle using the diagram and detailed explanation each,
considering the organizational security procedures.

3. Considering the security procedures that involves in IT security discuss three benefits to implement
network monitoring systems to the organization with supporting reasons.

4. List the most essential security measures (which includes Physical & Virtual) you should implement
to ensure the integrity of the organization.

TASK 2
1. With the basics of your understanding classify the possible impact to IT security of the organization
on incorrect configuration of firewall policies and using third-party VPNs.

2. Identify the method to assess and threat IT security risks considering the modern trend of
technology been introduced, considering the scenario relating to the organization.

3. Show using an example for each, specifically detailing the implementation process on the following
detailed below,
 DMZ
 Static IP
 NAT

4. And with regard to the definition above explain the process to follow on how we could improve the
organization’s Network Security.

Page 11 of 13
Unit 05 – Security

TASK 3
1. Explain the security issues faced by the company through the risk assessment procedures and
methods.

2. How data protection regulations act through the ISO risk management standards applying to IT
security, considering with a detail explanation on data protection processes and regulations as
applicable to an organization. With regard to this provide an understanding on the ISO 31000 risk
management methodology and its application for the organization’s IT security.

3. Describe the potential impact that an IT Security audit might have on the security of the
organization, also deliberate possible effects to the organizational security resulting from an IT
security audit.

4. With regard to the above discussion study how IT security can be associated with organizational
policy, detailing the security impact to the organization.

TASK 4
1. As an IT security specialist in charge for the organization, through your understanding you are now
required to design, develop and implement a security policy & security plan for an organization. And
justify the reasons why the Security plan was developed for the organization.

2. List and design the main mechanisms of an organizational disaster recovery plan, moderating the
reasons for inclusion.

3. Discuss the responsibilities of employees and stakeholders in relation to security, in the discussion
include the roles of stakeholders in the organization to implement security audit recommendations.
(The information’s included should be according to your own point of view through a valid research).

4. In addition to the Security Policies, you have designed and implemented above in Part 1, you will
now evaluate the proposed tools used within the policy and how they align with IT security.

Page 12 of 13
Unit 05 – Security

LEARNING OUTCOMES AND ASSESSMENT CRITERIA

Learning Outcomes and Assessment Criteria

Pass Merit Distinction

LO1 Assess risks to IT security

P1 Discuss types of security risks M1 Analyze the benefits of LO1 & 2 D1 Evaluate a range of
to organizations. implementing network monitoring physical and virtual security
systems with supporting reasons. measures that can be employed to
P2 Assess organizational security ensure the integrity of
procedures. organizational IT security.

LO2 Describe IT security solutions

P3 Discuss the potential impact to M2 Propose a method to assess

IT security of incorrect and treat IT security risks.
configuration of firewall policies
and third-party VPNs.

P4 Discuss, using an example for

each, how implementing a DMZ,
static IP and NAT in a network can
improve network security.

LO3 Review mechanisms to control organizational IT security

P5 Review risk assessment M3 Summarise an appropriate risk- D2 Recommend how IT security can
procedures in an organization. management approach or ISO be aligned with an organizational
standard and its application in IT policy, detailing the security impact
P6 Explain data protection security. of any misalignment.
processes and regulations as
applicable to an organization. M4 Analyze possible impacts to
organizational security resulting
from an IT security audit.

LO4 Manage organizational security

P7 Design a suitable security M5 Justify the security plan D3 Evaluate the suitability of the
policy for an organization, developed giving reasons for the tools used in the organizational
including the main components of elements selected. policy to meet business needs.
an organizational disaster
recovery plan.

P8 Discuss the roles of

stakeholders in the organization
in implementing security audits.

Page 13 of 13